AF
Ash Framework•3y ago
Myrmyr

Forbid all but one field using field policies

Hello, I need to forbid Anonymous actor access to all fields but id and status. Basically it's needed for some calulcations but we don't want him to have access to any other data. So I've tried using policies like this: 
  field_policies do
    field_policy :status do
      authorize_if always()
    end

    field_policy :* do
      forbid_if Checks.IsAnonymousActor
      authorize_if always()
    end
  end
  field_policies do
    field_policy :status do
      authorize_if always()
    end

    field_policy :* do
      forbid_if Checks.IsAnonymousActor
      authorize_if always()
    end
  end
But this seems to not be working, probably because for status filed Ash checks policies from both status and :*. Is there any way to achieve that?
3 Replies
ZachDaniel
ZachDaniel•3y ago
Hey @Myrmyr , if you don't mind, please open a thread in our new forum at ElixirForum 🙂 https://elixirforum.com/c/elixir-framework-forums/ash-framework-forum/123
Elixir Programming Language Forum
Ash Forum
Myrmyr
MyrmyrOP•3y ago
Sure, sorry, haven't been here in a while
user20230119
user20230119•3y ago
https://elixirforum.com/t/forbid-all-but-one-field-using-field-policies/58563
Elixir Programming Language Forum
Forbid all but one field using field policies
Hello, I need to forbid Anonymous actor access to all fields but id and status . Basically it’s needed for some calulcations but we don’t want him to have access to any other data. So I’ve tried using policies like this: field_policies do field_policy :status do authorize_if always() end field_policy :* do forbid_if C...

Did you find this page helpful?